This is about a vulnerability I discovered in Apache Wicket in 2014, but never got around to publishing my write-up. So it's kinda outdated now...
Apache Wicket is a web application framework for Java and is used by quite a few big sites. I had a closer look at ...

I believe as in any field of science we need to have a discussion about published research. Especially when we think there is something wrong with the "experiments" and the resulting conclusion. Maybe I'm completly ...

First of all, this research is legit because I have a logo and a name for it. This seems to be a trend right now
(heartbleed, shellshock, sandworm) . Afaik the rule is that you must invest the same time into creating the logo as you did in your research.